Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

2023年全...��.url

windows7-x64

1

2023年全...��.url

windows10-2004-x64

5

Starfield ...er.exe

windows7-x64

1

Starfield ...er.exe

windows10-2004-x64

1

www.3dmgame.com.url

windows7-x64

6

www.3dmgame.com.url

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03/09/2023, 13:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    www.3dmgame.com.url

  • Size

    122B

  • MD5

    49cbfed4fa9b3fafdc9d499b6163fa62

  • SHA1

    28decd9138bd3f7b3ef38bf9e40cd0d6305d1cdb

  • SHA256

    03df27e82600098c34c413cc2e45b43638d3ac33666960cfbd913f1c3f9a0b11

  • SHA512

    64e91ed564ef64d7687599012c4728b811fec2661dcb7941374cdd3a8450563073c67c452d97d43545f49182fbda2c26702dd35088723ace21717282d1233627

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 33 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\System32\rundll32.exe
    "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL C:\Users\Admin\AppData\Local\Temp\www.3dmgame.com.url
    1⤵
    • Checks whether UAC is enabled
    PID:2240
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" -Embedding
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2832
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2832 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2688

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3e15dbd993d7d8bb44faa74b4d60075e

    SHA1

    da7cfd9e0e81804d557fc780136085df9c95f18d

    SHA256

    6e5068e641e12b02ba43367e0bfc0dc5ca6d370ff195404702a2bd554c2b0bb8

    SHA512

    3bca4c1bcef0d147826c151e950ac6ed9c28f41ba266d8ff4851ecd2146e32182904f809831302165eb0666b784c6e85f3d27f24dc08cf52c1e7851d166aabce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7d9b6019918cb5893b917c0684aea88f

    SHA1

    92c05a031d5e7119a6e2258cecb7d858ab3e5471

    SHA256

    86093930180228587cca528923b06939d692f1819b882e660b12e0c3465a2abe

    SHA512

    f4573a9c01241447450a9998c79cdbb169155ed68f5b867ae56b2944aa2b7cacd88e89cf9fa9a06676c9023e5a3e2c20c0fef3be9fb1d6a66e1b99563e477b53

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    d8bb02accabff7c9ca448183d91be7df

    SHA1

    0aac11ae39988108abe17ad3733a61be501f3bf6

    SHA256

    2f1c2f5c9875362a9bdce8065c1009c50b519560770680f65dfcbc97055bde6e

    SHA512

    cc8cb8d9caefe25dc795d901317fcad86dd88046115644d74bfe72fb042d05e6408d01e4cd003e61c5a492e8ef8de9d64f43df9e25449fb1f53bdbe89c07d231

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    cc58e0163fed3ce2c8966059adce1621

    SHA1

    b1d3bf58095839f8bfba1ca0b1ce96381a21be77

    SHA256

    3ee5e6c0537ffe9c76bf18f3f629e27cfa54990cf9c46f6a2ee70df581dfdb6b

    SHA512

    bf2931fa26a8f2d44aa1322c653f8e64281f49edcfe63234ca5ed54870cec297c89af5b60d83029afcfe0d55d8055ba603b369678133ee7886a84d61cec51f05

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2943e0bc741a20de8265d5f61b598d9f

    SHA1

    050a86f0f4831ed41f18087a920ca6632db974b3

    SHA256

    065d967c41d6680130b2b5b78e6d34b10ada0fc766263e1e2b4b2fa1de00046f

    SHA512

    06789af095b5a038cac3d5920360b775c37234a9b65afed2456d52813cf24a3925584b47ccdb9a1ad5eadafc396a3fc8716721ea2e5743a0c8a2d225b540b903

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    9619fd3c2bf6314e93b83abf6a40be97

    SHA1

    0364c5cb105980022de1f83a40665d43850d30b2

    SHA256

    b9be6458884ed4d9a5ab539e9650df1ea9976ddd35f326306a9036501a003467

    SHA512

    7b7f066e2aa8b5d8addb860d81b67f6d83ca523c2b1b400e418de3fa77984b978ceb63cd3b583089a4f8b3865c8b598763be938b2d3176974350b67faf0b14d0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    3be4deb9c92607059c3956a5d735c79d

    SHA1

    23d3f678593a7acbd64f71a8773c1ae6cb555049

    SHA256

    4aab7894dbef9edeee11de30023846519dc0afc19a7e1263d96ab8d44c7f46a6

    SHA512

    56e183b092361487dd1c56c400f8e7ffd7d03460a2034d4bf3d6d59e3d448dca1f0f24cf9dbacdc7d2a837d6c13c61a1be47c1c17959c53bb6d1eefc9836791b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    f8f374f0c622f07f75549f1302f6e618

    SHA1

    be04f2426b471324c8c97c20ea65b8a1b1ba9611

    SHA256

    3a484ea6f3964d8b7ee31c57b2d2d2fe9a179c07c6a59e6ca513d2be9f097bb2

    SHA512

    d299d2de24b6189274e86d101c27664b8b0f49641eb9422d48becde59fd19057ab17a202d900950847ebf6e3b9d22ce40812d5f965e419954abefd5f1df1d7b3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    39abbe889f81b854ee210207cea6a0a9

    SHA1

    3944a48a31ed6e6ae76e164eef213affffface2b

    SHA256

    25892a4f57d3a400a331b35bc58f1af87a9b9a09f732df0b823ed87937e00d6f

    SHA512

    af155bf7ff1ebe9b5c98d3d78219cc3b1cb85e7ba4a8af6652e49a03bf9d40028e7a67441b8c70ac2754ae209046b46a80568739c1ce4380b8c299273a88da65

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    13626b10a34bbdc437c8fa80738ca267

    SHA1

    75c8bd3d8db91a7634aa82b3872f2a23c454ae63

    SHA256

    e28f8106c1a15a67cfa8ecb882a23a8b624fdbadcc78df6c91dedfe3a22d4c5a

    SHA512

    42bb2e2a0f410179e0b757fddb8998c6c482c94e463f51b91670a22343e2ccf3ea0b748544465a647db1fca5822a960a7f0419208ea0ebcfbcc1bb026c5bcc11

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    2b3f7644847a2a39da630da2b6cdda0d

    SHA1

    fd4274486bc7a710871dc0c5447865b9cb94ab62

    SHA256

    5069b83c25026312afd3475b0ba7624ee7fee4019cdab7c50d6b1642d653e42f

    SHA512

    840fea2eb2116e79ce7cf91346b72c2b89b9151698ba8c1d083c85aca884d7612edfecff5110318aff97bc5e0c800b8b07004b1406075fa6046ac3bab77e879b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    bd9f0384d36e899ba7a93a4180055243

    SHA1

    2ac692b27ef607cdd114c5a5a6a4b52b49be4409

    SHA256

    05d90bf8d8155e1ed3a63bac03f487e15029a81ed06c1c5b198cfa599a516dae

    SHA512

    80198a01bd8567cb4a99c08cb21f1d3109f550583dbb0a22129b039dc3ce9944f25b796b3f373d08054367a1ebff61c5db9997d41a8b43c9cda3ab83394f5303

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    04d6b3653fc370caa1614a40b8d5f070

    SHA1

    af029d8371301effeb3c5e77eb6a27ab2d5bb8b3

    SHA256

    26bbd407ff1aae6abeb8fab752f4734dd0a41bd486024dfaa55667980ed8b1bc

    SHA512

    fe6b75aa61d0a6169e86313c6d5244587578a8047b1347efa69a8386f78f54678813e009342bcf618658abb34e920c16a1132bd2465036c3c9e93e0c6ebd6f15

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    4f9f8a8a264734ac166f0c26789fb560

    SHA1

    396711527055109b9387476358bce8a8a4e7cf8a

    SHA256

    8f00dd755370ee28e65504552e7a2517818ad47443cbad6f7a0e9af1c2ad2060

    SHA512

    a81bc56e1be54a3eb36df99d6c6db498b10edaaa91a319569bf068109bd9659bb582fb2a67a04b933418355abeefd008b0b2de6e7c1994a39673883617f821da

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    b468a4654390b88dd0951756fbcae38d

    SHA1

    9e98b5406e80983d62d22d14fddcf69caeeeb2ee

    SHA256

    1d228558839f05935222f87453f88066853cdb59b6b006cc9abff4ae13aec641

    SHA512

    ebe3a20feaf11d18698f2eb0b7c2ce8208324dc2587aefc30d233d86d360d179ebc8e2ea4631e9d1895cda9d0d3edb11bf54ea03b25cc1425707bade7d8dcaf6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    1ba558a84ae5e884ac46cee9741cc950

    SHA1

    f237848b109335d86733335da87044dafe09c65a

    SHA256

    1bcbb9a84d2d70fd179dd0994d490b8fa6b8ee0481c657a1cca7ce349bbf08c2

    SHA512

    d6b9c1d464759a61ef521ec38b110041cd4e243a71b1b05042bd29174875f77474ea0183c8e778eeb716b22f61b9dd1448cce48cb981d509c3331d1b1e245a0d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    5c55307d8aaf87568726516b1bd37fd0

    SHA1

    651ed6e7f2ebc05b5f6cafadd990a3c9528f800a

    SHA256

    783552894e37ba432909b08b85db216edc7947413d3db36891d21c23840d56cf

    SHA512

    c6ba22ace93a734d203871db2b195fa4103cc22f67ef22eba985c37cbc8ea7d62001c343124fd8c9e7aa55c6990a70162a3803a748612705b8fbb350979b9dab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    05bae00f7bb464a698941a8aaf947d6b

    SHA1

    3667b29e440833131b1b8122aecc445b931d874c

    SHA256

    dbfe6749c91fb8d6de59b3496c50a835b12d9a7ab9f80212638a0f1cf90be578

    SHA512

    d5066a70cd7d2c872da9fa119683ba27ae801e11f9717b75a76b600fbf6a2ef22f208a617d076ff355b9910baf042a2c088ed61dc44033a8f39d11cd41243a37

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    caf6394905a54228a6bf076c5fe937d9

    SHA1

    a6af3c0db0fd711f4919d41460ffdcbc9a4ffa02

    SHA256

    c050647f3b75a48b7acdfdf88840da9607e015494e3b18b18bc8e1f96660ff64

    SHA512

    99fc6ee7ffe4ac5bf4dbff661c4d523c02b06cf54c4bd7cac5a6cfeef48ba1ba407384a9b4722a4d1bef7d683d61171b82a7dccb4bab82213b49207cb4b98ef9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    304B

    MD5

    7a0435f93a21e6eb853dc20173b37bda

    SHA1

    c91e0cba19d08b167971d856b722f052c355c15e

    SHA256

    25baa1ca44032fe6d5d150676afd636a817f6e30e7d03556dc228d575a740bd5

    SHA512

    9510fd5ce2e9887410a822d25b2875521a1601ec1b759fa4e94d8890d77a01f6f1b3d410d7fcde5abadeb8116c247be69c5e9f10c9b13c51b849cc545bbaf168

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab513E.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar51BE.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit

  • memory/2240-0-0x0000000000350000-0x0000000000360000-memory.dmp

    Filesize

    64KB

    Download